Which attack employs precomputed hashes to crack passwords faster by using rainbow tables?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack employs precomputed hashes to crack passwords faster by using rainbow tables?

Explanation:
Rainbow table attacks rely on precomputing hashes for a large set of candidate passwords and saving those results so that a captured hash can be reversed quickly. The idea is to build a table that maps hash outputs back to their plaintext passwords, often using chains with a reduction function to keep the table practical in size. When an attacker encounters a password hash, they can look it up in the table and recover the original password without hashing every candidate from scratch, which speeds up the cracking process considerably. Salting changes the game by adding unique data to each password before hashing, so the same password can produce different hashes; this makes precomputed tables much less effective because a new table would be required for each salt value.

Other methods don’t rely on precomputed hashes. A brute-force attack hashes each candidate on the fly as it tries it, which can be very slow. A dictionary attack uses a predefined list of words and common variations, hashing them as it goes but still without the precomputed lookup advantage. Phishing, on the other hand, is a social-engineering approach to obtain credentials directly from users rather than cracking hashed passwords.
